-
Notifications
You must be signed in to change notification settings - Fork 0
/
change.cgi
executable file
·91 lines (84 loc) · 2.39 KB
/
change.cgi
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
#!/usr/bin/python
# -*- coding: UTF-8 -*-
print("Content-type: text/html")
print
#import cgitb
#cgitb.enable()
import cgi
import os
import subprocess
form=cgi.FieldStorage()
user_name=form.getvalue('original')
new_name=form.getvalue('new_name')
token_key=form.getvalue('token')
print '''
<!DOCTYPE html>
<html>
<head>
<meta charset="UTF-8">
<title>2014 Fall NCTUEE Data Structure</title>
<link href="Site.css" rel="stylesheet">
</head>'''
def is_ascii(s):
return all(ord(c) < 128 for c in s)
if user_name and new_name and is_ascii(user_name) and is_ascii(new_name):
print '''
<body>
<nav id="nav01"></nav>'''
print '<div id="main">'
print '<h1>Change display name</h1>'
prefix='user'
import sqlite3
account=os.listdir('/home')
if not user_name in account:
print "<h3>user:"+user_name+" is not in list</h3>"
else:
conn=sqlite3.connect(prefix+'.db')
c=conn.cursor()
c.execute("SELECT ALLOW_MODIFY,TOKEN FROM user WHERE NAME= '"+user_name+"';")
data=c.fetchall()
previous=data[0][0]
token=data[0][1]
if token!=token_key:
print '<h3>wrong token</h3>'
elif int(previous)==1:
c.execute("UPDATE user SET DISPLAY='"+new_name+"',ALLOW_MODIFY=0 "+ \
"WHERE NAME='"+user_name+"';")
conn.commit()
print '<h3>set display name of '+user_name+' as '+new_name+'</h3>'
else:
print '<h3>user:'+user_name+' are not allowed to change your name twice</h3>'
print '<footer id="foot01"></footer>'
print '</div>'
elif user_name and new_name:
print '''
<body>
<nav id="nav01"></nav>
<div id="main">
<h1>Change the name in leaderboard</h1>
<h2>Note: You have only one chance to change your display name.</h2>
<h3>!!! ascii only !!!</h3>
<footer id="foot01"></footer>
</div>'''
else:
print '''
<body>
<nav id="nav01"></nav>
<div id="main">
<h1>Change the name in leaderboard</h1>
<h2>Note: You have only one chance to change your display name.</h2><br>
<form action='change.cgi'>
Account:
<input type='text' name='original'><br>
Token:
<input type='text' name='token'><br>
New name:
<input type='text' name='new_name'><br>
<input type='submit'>
</form>
<footer id="foot01"></footer>
</div>'''
print '''
<script src="Script.js"></script>
</body>
</html>'''